Regulation: A View from Inside the Machine

Remarks at Protecting the Public While Fostering Innovation and Entrepreneurship: First Principles for Optimal RegulationUniversity of Missouri School of Law

Feb. 8, 2019

Thank you, Thom [Lambert], for that kind introduction. I am delighted to be part of this conference, but am sorry that I cannot be there in person. I had high expectations when I picked up Thom’s book on regulation shortly after it first came out several years ago.[1] Those expectations were exceeded by the clear and compelling way in which the book wrestles with the difficulties faced by regulators as they seek to design regulations that solve problems without creating larger problems in the process. As the book explains, “regulation . . . always involves trade-offs. The $64,000 question is how policymakers should proceed to ensure that they strike those trade-offs in a manner that creates as much social welfare as possible.”[2] I appreciate the book even more now that I am sitting in a regulator’s seat. Incidentally, as a regulator, I must give the standard disclaimer that the views I express today are my own and do not necessarily represent those of the Securities and Exchange Commission or my fellow Commissioners.

Entrepreneurship and innovation do not have the happiest of relationships with regulation. Regulators get used to dealing with the existing players in an industry, and those players tend to have teams of people dedicated to dealing with regulators. Entrepreneurs trying to start something new are often much more focused on that new thing than on how it fits into a regulator’s dog-eared rulebook. Regulators, for their part, tend to be skeptical of change because its consequences are difficult to foresee and figuring out how it fits into existing regulatory frameworks is difficult.

Society, however, often pushes regulators to accept change. After all, society benefits from entrepreneurs’ imaginative approaches to solving problems and willingness to go out on a limb with a new idea. Society welcomes innovations that make our lives easier, more enjoyable, and more productive. In many sectors, therefore, entrepreneurship and innovation evoke overwhelmingly positive responses.

In the financial industry, entrepreneurship and innovation do not always face such a warm reception. Financial innovations, for example, were fingered by some as the cause of the last financial crisis. Former Federal Reserve Chairman, Paul Volcker, in a negative post-crisis appraisal of financial innovation, concluded that:

The most important financial innovation that I have seen the past 20 years is the automatic teller machine . . . . How many other innovations can you tell me of that have been as important to the individual as the automatic teller machine, which is more of a mechanical innovation than a financial one? I have found very little evidence that vast amounts of innovation in financial markets in recent years has had a visible effect on the productivity of the economy . . . .[3]

Some people might disagree with Chairman Volcker. Take for example the man who got stuck inside an ATM a couple years ago.[4] In the course of repairing the machine, he got locked inside it. Without a cellphone or any other obvious way to contact the outside world, he was stuck. It is good that he thought to slip written pleas for help to undoubtedly baffled customers. Instead of a receipt, customers got a note reading “Please help. I’m stuck in here and I don’t have my phone. Please call my boss at . . . ”[5] A customer heeded the call, and the police rescued the repairman.

The moral of the story is that every innovation—even one that almost everyone agrees is good—carries with it some risk. Some people may get hurt by the innovation in ways we would never have imagined. Others may be helped by the innovation in ways we would never have imagined. Some people will use the innovation in ways we wish they would not. We would be better off without some innovations, but we might not know that until after enough time has passed to see the harm they cause. In other instances, the true value of an innovation may not come to light for years.

Technological progress in the financial industry offers the same mix of hope, promise, and risk that technological progress in other parts of our society offers. As regulators, therefore, we must allow innovation to proceed, even as we put in reasonable safeguards and watch for unanticipated consequences.

The SEC’s attitude toward innovation is important because we regulate an industry that is a key gatekeeper for progress and productivity in the rest of the economy. The United States has benefited greatly from the relative importance of non-bank financing. Without the funds that the capital markets provide, companies in other sectors of the economy would not be able to explore new ideas and develop new products and processes. As a regulator, when I think about protecting the public, I think not only of protecting investors, but also of ensuring that the capital markets are able to serve the rest of the economy without undue barriers.

Because of the central role the markets we regulate play in ensuring that the rest of the economy is funded, we need to be open to innovations that will make the capital markets function better and serve parts of the population that were previously not able to access those markets. Can we, for example, look for ways for unaccredited investors to pool their resources to invest in private companies? Can we change rules that mandate the use of outdated technology in, for example, our recordkeeping rules so that financial institutions can incorporate new technology and thus lower the costs of the services they provide? Can we allow more experimentation in the way that funds and investment advisers communicate with investors? Can we reexamine our assumptions about the types and methods of disclosure we require in light of the enormous changes in communication technology that have occurred since the federal securities laws were written in the 1930s? Can we permit more issuer communication with investors, which perhaps could open the door to a back-and-forth style of disclosure facilitated by online chats and message boards? These and other innovations in the capital markets often require regulatory approvals or regulatory forbearance, both of which my agency historically has been slow to provide.

The SEC now has a wonderful opportunity to consider its approach to innovation and entrepreneurship. We have just hired our first Advocate for Small Business Capital Formation, Martha Miller. She brings a much needed voice to an agency that has not been particularly open to thinking about the benefits that come from eliminating regulatory barriers to small issuers seeking capital. It is not the SEC’s job to shift capital flows toward small or emerging businesses; capital should flow to the companies—old, new, large, or small—that can best use it. We ought, however, to consider whether the rules we have in place have the effect of putting a thumb on the scale in favor of large and established companies. Having someone at the SEC whose job it is to ensure that the Commission is aware of the types of difficulties small companies face in the capital markets is an important step. Martha’s enthusiasm, knowledge, and experience suit her well for the important job she has taken on.

The agency’s opportunity to rethink its approach to innovation also arises out of a decade of technological development related to blockchain and cryptocurrencies. This area has challenged many regulators around the world, and the SEC is certainly no exception. We, along with other regulators, are asking how existing rules apply in this space and whether a new regulatory framework would work better. If we act appropriately, we can enable innovation on this new frontier to proceed without compromising the objectives of our securities laws—protecting investors, facilitating capital formation, and ensuring fair, orderly, and efficient markets.

One of the things that makes regulating in this space challenging is that its very essence is decentralization. Decentralization is nothing new; it is at the root of our economic system; free markets draw on the talents and knowledge of people all across society to produce what society needs. No person or group of persons can serve as central coordinator because such a master planner would be inherently less smart and less plugged in than the market, composed as it is of diverse individuals communicating with one another in the brutally blunt language of prices.[6] Yet, there is formal coordination too. Corporations, along with individuals, are key players in our markets. By joining together in a common enterprise, people are able to combine efforts and talents in ways that otherwise would not be possible.[7] Our securities markets have thus grown up around markets composed of individuals and corporations. Corporations issue securities, make the attendant disclosures, and have other responsibilities under the securities laws. Our securities laws are designed with the assumption that every issuer has someone at the helm who can authoritatively disclose the relevant material information about the organization.

Blockchain-based networks offer a new way of coordinating human action that does not fit as neatly within our securities framework. Satoshi Nakamoto, in the white paper that introduced bitcoin to the world, envisioned a “network [that] is robust in its unstructured simplicity.” Uncoordinated nodes work together toward a common end “with little coordination.”[8] Other blockchain projects likewise seek to build networks that operate organically, without a central organizer. Some projects seek to facilitate various forms of authentication to replace traditional recordkeeping transactions or to allow individuals to interact without using trusted intermediaries. The objective of many of these blockchain projects is to build networks that run on diffuse contributions, rather than to create centralized entities that run networks. In the end, there may not be anyone steering the ship.

Yet many of these projects begin in a centralized manner that looks about the same as any other start-up. A group of people get together to build something and they need to find investors to fund their efforts so they sell securities, sometimes called tokens. The SEC applies existing securities laws to these securities offerings, which means that they must be conducted in accordance with the securities laws or under an exemption. When the tokens are not being sold as investment contracts, however, they are not securities at all. Tokens sold for use in a functioning network, rather than as investment contracts, fall outside the definition of securities.

The Supreme Court’s Howey test, which sprang from a dispute about orange groves seven decades ago, is the tool the SEC uses for discerning whether or not something is an investment contract, which is a particular type of security that includes some token offerings.[9] A case once only on the lips of eager law students is thus now the hot topic in crypto conversations. In a now famous speech, the SEC’s Director of Corporation Finance, Bill Hinman, explained how that case, along with Gary Plastics,[10] has informed the SEC’s approach to digital assets.[11] As Director Hinman noted in his speech, it is the nature of the transaction that determines whether an offering of securities has occurred, not the item being sold. The oranges in Howey were not securities standing on their own, nor were the groves in which they grew. By contrast, the overall package sold to investors—the “opportunity to contribute money and to share in the profits of a large citrus fruit enterprise managed and partly owned by [third parties]”—was a securities offering and therefore triggered federal securities law.[12] Purchasers’ “respective shares in this enterprise are evidenced by land sales contracts and warranty deeds, which serve as a convenient method of determining the investors’ allocable shares of the profits. The resulting transfer of rights in land is purely incidental.”[13] The Division of Corporation Finance therefore will look to the nature of a token sale to determine whether a securities offering has occurred, and not just at the qualities of the token itself.

Director Hinman went on to explain, however, that because the token “all by itself is not a security, just as the orange groves in Howey were not,” a token sold in a securities offering might later be sold in a transaction that does not constitute a securities offering.[14] Once “a network becomes truly decentralized, the ability to identify an issuer or promoter to make the requisite disclosure becomes less meaningful” and offers and sales of tokens are no longer subject to the securities laws.[15]

Director Hinman’s speech has provided a useful framework within which people can analyze their token offerings in connection with the securities laws. The staff is working on some supplemental guidance to help people think through whether their crypto-fundraising efforts fall under the securities laws. There is also a standing offer for people to come in for so-called no-action relief in connection with a particular token or project. The applicant for no-action relief lays out the parameters of what it is trying to do, and the SEC staff can respond by saying that it would not recommend an enforcement action to the Commission based on the parameters set forth in the request for relief.

Of course, the Commission also has spoken indirectly through a number of enforcement actions, which necessarily involved finding that the token offerings at issue were securities offerings. Enforcement actions are not my preferred method for setting expectations for people trying to figure out how to raise money. For this reason, it is important for the Commission, in conjunction with Congress and its fellow regulators, to offer something more concrete and carefully considered.

While the application of the Howey test seems generally to make sense in this space, we need to tread carefully. Token offerings do not always map perfectly onto traditional securities offerings. For example, as a recent report from Coin Center noted, the decentralized nature of token offerings can mean that the capital raised through token sales may not be truly owned or controlled by a company. Functions traditionally completed by people designated as “issuers” or “promoters” under securities laws—which, importantly, bestow those roles with certain responsibilities and potential liabilities—may be performed by a number of unaffiliated people, or by no one at all.[16]

Additionally, I am worried that the application of the test will be overly broad. The Supreme Court in Howey embraced a “flexible rather than static principle, one that is capable of adaptation,”[17] an unwelcome phrase for people craving clarity. The subsequent application of the Supreme Court’s decision has further added to the ambiguity by diluting factors, such as the prong that asks whether the investors were anticipating “profits to come solely from the efforts of others.”[18] “Solely” has gotten dropped in the application of this prong. In the years since Howey, many courts have instead focused on whether profits are derived in effect principally from the efforts of others. This approach has been formulated by one appellate court as a question of whether “the efforts made by those other than the investor are the undeniably significant ones, those essential managerial efforts which affect the failure or success of the enterprise.”[19] More to the point, the Commission itself determined in 2017 that tokens issued by the DAO, a decentralized organization based on a distributed ledger, were securities despite the fact that token-holders had certain roles within the organization necessary to its operation.[20]

Given the role that individuals play in some token environments, either through mining, providing development services, or other tasks, the SEC must take care not to cast the Howey net so wide that it swallows the “efforts of others” prong entirely. In the realm of securities regulation, we often talk of the need for disclosure as a means of addressing information asymmetries between the issuers and the investors. The “efforts of others” prong of Howey aims at the heart of this problem. If the investors are not in control of the enterprise, that is, if they lack material information about the operation of the organization, they will need to obtain that information from those who are in control in order to make an informed investment decision.

It is possible that some projects may simply not be able to work under the existing Howey framework and the applicable securities laws. One cryptocurrency project, Basis, has announced that it will shut down operations and return $133 million in capital to investors due to the difficulty—if not impossibility—of complying with securities regulations given the team’s vision for the project.[21] I am not going to comment on what I think about the merits of any particular project or how the securities laws apply to it, but my antennae will go up when apparently legitimate projects cannot proceed because our securities laws make them unworkable.

Ambiguity is not all bad, of course. We might be able to draw clearer lines once we see more blockchain projects mature. Delay in drawing clear lines may actually allow more freedom for the technology to come into its own.[22]

Congress may resolve the ambiguities engendered by Howey by simply requiring that at least some digital assets be treated as a separate asset class. Congressmen Warren Davidson and Darren Soto recently introduced a bill in the House intended to amend the federal securities laws to do just that, provided that the token truly operated in a decentralized network.[23] Such an approach would facilitate more tailored disclosure. Indeed there are others who have argued that, whether ICOs can fit within the definition of a securities offering does not answer the question of whether that is how we should regulate them. In a forthcoming paper, Georgetown Law professor Chris Brummer and his co-authors argue that ICOs have certain features that make the regulatory framework applicable to IPOs inappropriate.[24] For example, changes to the blockchain may have outsized effects on certain tokens that depend on it. An investor may need to understand, for example, how the blockchain can be changed, and how those changes would affect the relevant token before she could fully appreciate the risks of investing in that crypto asset.

There is also the fact that much of the relevant—in the terms of securities law, arguably “material”—information about a token is often found in a white paper. The terms of this paper may be highly technical and difficult for most investors to understand. In some cases, these white papers have not matched the tokens’ actual code.[25] Whether this is due to honest error, as may be the fact in some cases, or outright fraud, as it has been in others, it raises a unique issue for regulators to address.

Much as we regulators hate to admit it, we ought not to assume that absent the application of the securities laws to the world of tokens, there would never be any order. As Professor Lambert notes in his book, the disclosure approach built into the securities laws is designed to “prevent adverse selection by requiring informationally advantaged parties to share specified information with their counterparties.”[26] As he explains, however, even in the absence of government directives, the informationally advantaged party may not need the government to tell it to make disclosures.[27] The market itself sends this message; disclosure is a way to signal quality, something you want to do when you are trying to convince someone to buy your product. After an initial period of unbridled enthusiasm over ICOs, cooler heads seem to be thinking about ways to assess ICOs—to separate the wheat from the chaff. Sponsors of ICOs that want to succeed will make voluntary disclosures to signal their quality. Disclosure will happen regardless of whether the securities disclosure regime applies to ICOs. Moreover, the platforms that trade cryptocurrencies can play a role in forcing such disclosures, much as the stock exchanges did before the securities laws took effect.[28]

Our interactions with cryptocurrencies are not limited to questions about the regulation of token sales and disclosures. Closely linked to the question of whether tokens are securities is the question of how the platforms on which tokens trade should be regulated. Some of these platforms want to register with us, and I am eager to make progress on this front. There are features of crypto trading platforms that may differ from exchanges or alternative trading systems designed for traditional securities. To identify how regulation may need to change to accommodate these differences we will need to improve our understanding of how the platforms operate.

There is also great interest in exchange-traded products based on bitcoin or other cryptocurrencies. As I have mentioned in the past, I am concerned that our approach with respect to such products borders on merit-based regulation,[29] which means that we are substituting our own judgment for that of potential investors in these products. We rightfully fault investors for jumping blindly at anything labeled crypto, but at times we seem to be equally impulsive in running away from anything labeled crypto. We owe it to investors to be careful, but we also owe it to them not to define their investment universe with our preferences.

I would like to conclude by drawing again from Professor Lambert’s book. His definition of “regulation” as “any threat-backed governmental directive aimed at fixing a defect in ‘private ordering’ . . .” reminds us of the gravity of the regulator’s task.[30] Private ordering is the baseline because, as the book explains, “when property rights are well defined and transferable, and individuals are able to strike trustworthy exchange agreements, markets will emerge and channel productive resources to … [the] production of the goods and services individuals value most.”[31] Regulation involves overruling private arrangements, substituting a government mandate, and imposing a penalty of some sort on people who fail to comply with that mandate. Given the potential consequences of doing these things, the regulator and the people on whose behalf it regulates must think carefully about whether and how regulation should be employed.

That careful thinking, however, may mean frustration for the innovators hoping for quick answers about what the relevant regulations are. Channel that frustration by coming and talking to us about how you think we should approach these regulatory questions.[32] Sometimes I feel like the repairman in the ATM sending slips of paper to the outside world asking for help. In my case, I am asking for help on getting the regulations right so that innovators and entrepreneurs can spend their time and attention on making better products, providing better services, and revolutionizing the way we interact with one another.